request = $this->createMock(IRequest::class); $this->userSession = $this->createMock(IUserSession::class); $this->l10n = $this->createMock(IL10N::class); $this->l10n ->expects($this->any()) ->method('t') ->willReturnCallback(function ($text, $parameters = []) { return vsprintf($text, $parameters); }); $this->defaults = $this->createMock(Defaults::class); $this->session = $this->createMock(ISession::class); $this->tokenProvider = $this->createMock(IProvider::class); $this->random = $this->createMock(ISecureRandom::class); $this->urlGenerator = $this->createMock(IURLGenerator::class); $this->clientMapper = $this->createMock(ClientMapper::class); $this->accessTokenMapper = $this->createMock(AccessTokenMapper::class); $this->crypto = $this->createMock(ICrypto::class); $this->eventDispatcher = $this->createMock(IEventDispatcher::class); $this->timeFactory = $this->createMock(ITimeFactory::class); $this->config = $this->createMock(IConfig::class); $this->clientFlowLoginController = new ClientFlowLoginController( 'core', $this->request, $this->userSession, $this->l10n, $this->defaults, $this->session, $this->tokenProvider, $this->random, $this->urlGenerator, $this->clientMapper, $this->accessTokenMapper, $this->crypto, $this->eventDispatcher, $this->timeFactory, $this->config, ); } public function testShowAuthPickerPageNoClientOrOauthRequest(): void { $expected = new StandaloneTemplateResponse( 'core', 'error', [ 'errors' => [ [ 'error' => 'Access Forbidden', 'hint' => 'Invalid request', ], ], ], 'guest' ); $this->assertEquals($expected, $this->clientFlowLoginController->showAuthPickerPage()); } public function testShowAuthPickerPageWithOcsHeader(): void { $this->request ->method('getHeader') ->willReturnMap([ ['USER_AGENT', 'Mac OS X Sync Client'], ['OCS-APIREQUEST', 'true'], ]); $this->random ->expects($this->once()) ->method('generate') ->with( 64, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS ) ->willReturn('StateToken'); $this->session ->expects($this->once()) ->method('set') ->with('client.flow.state.token', 'StateToken'); $this->session ->expects($this->once()) ->method('get') ->with('oauth.state') ->willReturn('OauthStateToken'); $this->defaults ->expects($this->once()) ->method('getName') ->willReturn('ExampleCloud'); $this->request ->expects($this->once()) ->method('getServerHost') ->willReturn('example.com'); $this->request ->method('getServerProtocol') ->willReturn('https'); $expected = new StandaloneTemplateResponse( 'core', 'loginflow/authpicker', [ 'client' => 'Mac OS X Sync Client', 'clientIdentifier' => '', 'instanceName' => 'ExampleCloud', 'urlGenerator' => $this->urlGenerator, 'stateToken' => 'StateToken', 'serverHost' => 'https://example.com', 'oauthState' => 'OauthStateToken', 'user' => '', 'direct' => 0, 'providedRedirectUri' => '', ], 'guest' ); $csp = new Http\ContentSecurityPolicy(); $csp->addAllowedFormActionDomain('nc://*'); $expected->setContentSecurityPolicy($csp); $this->assertEquals($expected, $this->clientFlowLoginController->showAuthPickerPage()); } public function testShowAuthPickerPageWithOauth(): void { $this->request ->method('getHeader') ->willReturnMap([ ['USER_AGENT', 'Mac OS X Sync Client'], ['OCS-APIREQUEST', 'false'], ]); $client = new Client(); $client->setName('My external service'); $client->setRedirectUri('https://example.com/redirect.php'); $this->clientMapper ->expects($this->once()) ->method('getByIdentifier') ->with('MyClientIdentifier') ->willReturn($client); $this->random ->expects($this->once()) ->method('generate') ->with( 64, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS ) ->willReturn('StateToken'); $this->session ->expects($this->once()) ->method('set') ->with('client.flow.state.token', 'StateToken'); $this->session ->expects($this->once()) ->method('get') ->with('oauth.state') ->willReturn('OauthStateToken'); $this->defaults ->expects($this->once()) ->method('getName') ->willReturn('ExampleCloud'); $this->request ->expects($this->once()) ->method('getServerHost') ->willReturn('example.com'); $this->request ->method('getServerProtocol') ->willReturn('https'); $expected = new StandaloneTemplateResponse( 'core', 'loginflow/authpicker', [ 'client' => 'My external service', 'clientIdentifier' => 'MyClientIdentifier', 'instanceName' => 'ExampleCloud', 'urlGenerator' => $this->urlGenerator, 'stateToken' => 'StateToken', 'serverHost' => 'https://example.com', 'oauthState' => 'OauthStateToken', 'user' => '', 'direct' => 0, 'providedRedirectUri' => '', ], 'guest' ); $csp = new Http\ContentSecurityPolicy(); $csp->addAllowedFormActionDomain('https://example.com/redirect.php'); $expected->setContentSecurityPolicy($csp); $this->assertEquals($expected, $this->clientFlowLoginController->showAuthPickerPage('MyClientIdentifier')); } public function testGenerateAppPasswordWithInvalidToken(): void { $this->session ->expects($this->once()) ->method('get') ->with('client.flow.state.token') ->willReturn('OtherToken'); $this->session ->expects($this->once()) ->method('remove') ->with('client.flow.state.token'); $expected = new StandaloneTemplateResponse( 'core', '403', [ 'message' => 'State token does not match', ], 'guest' ); $expected->setStatus(Http::STATUS_FORBIDDEN); $this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken')); } public function testGenerateAppPasswordWithSessionNotAvailableException(): void { $this->session ->expects($this->once()) ->method('get') ->with('client.flow.state.token') ->willReturn('MyStateToken'); $this->session ->expects($this->once()) ->method('remove') ->with('client.flow.state.token'); $this->session ->expects($this->once()) ->method('getId') ->willThrowException(new SessionNotAvailableException()); $expected = new Http\Response(); $expected->setStatus(Http::STATUS_FORBIDDEN); $this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken')); } public function testGenerateAppPasswordWithInvalidTokenException(): void { $this->session ->expects($this->once()) ->method('get') ->with('client.flow.state.token') ->willReturn('MyStateToken'); $this->session ->expects($this->once()) ->method('remove') ->with('client.flow.state.token'); $this->session ->expects($this->once()) ->method('getId') ->willReturn('SessionId'); $this->tokenProvider ->expects($this->once()) ->method('getToken') ->with('SessionId') ->willThrowException(new InvalidTokenException()); $expected = new Http\Response(); $expected->setStatus(Http::STATUS_FORBIDDEN); $this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken')); } public function testGeneratePasswordWithPassword(): void { $this->session ->expects($this->once()) ->method('get') ->with('client.flow.state.token') ->willReturn('MyStateToken'); $this->session ->expects($this->once()) ->method('remove') ->with('client.flow.state.token'); $this->session ->expects($this->once()) ->method('getId') ->willReturn('SessionId'); $myToken = $this->createMock(IToken::class); $myToken ->expects($this->once()) ->method('getLoginName') ->willReturn('MyLoginName'); $this->tokenProvider ->expects($this->once()) ->method('getToken') ->with('SessionId') ->willReturn($myToken); $this->tokenProvider ->expects($this->once()) ->method('getPassword') ->with($myToken, 'SessionId') ->willReturn('MyPassword'); $this->random ->expects($this->once()) ->method('generate') ->with(72) ->willReturn('MyGeneratedToken'); $user = $this->createMock(IUser::class); $user ->expects($this->once()) ->method('getUID') ->willReturn('MyUid'); $this->userSession ->expects($this->once()) ->method('getUser') ->willReturn($user); $this->tokenProvider ->expects($this->once()) ->method('generateToken') ->with( 'MyGeneratedToken', 'MyUid', 'MyLoginName', 'MyPassword', 'unknown', IToken::PERMANENT_TOKEN, IToken::DO_NOT_REMEMBER ); $this->request ->expects($this->once()) ->method('getServerProtocol') ->willReturn('http'); $this->request ->expects($this->once()) ->method('getServerHost') ->willReturn('example.com'); $this->request ->expects($this->any()) ->method('getHeader') ->willReturn(''); $this->eventDispatcher->expects($this->once()) ->method('dispatchTyped'); $expected = new Http\RedirectResponse('nc://login/server:http://example.com&user:MyLoginName&password:MyGeneratedToken'); $this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken')); } /** * @param string $redirectUri * @param string $redirectUrl * * @testWith * ["https://example.com/redirect.php", "https://example.com/redirect.php?state=MyOauthState&code=MyAccessCode"] * ["https://example.com/redirect.php?hello=world", "https://example.com/redirect.php?hello=world&state=MyOauthState&code=MyAccessCode"] * */ public function testGeneratePasswordWithPasswordForOauthClient($redirectUri, $redirectUrl): void { $this->session ->method('get') ->willReturnMap([ ['client.flow.state.token', 'MyStateToken'], ['oauth.state', 'MyOauthState'], ]); $calls = [ 'client.flow.state.token', 'oauth.state', ]; $this->session ->method('remove') ->willReturnCallback(function ($key) use (&$calls) { $expected = array_shift($calls); $this->assertEquals($expected, $key); }); $this->session ->expects($this->once()) ->method('getId') ->willReturn('SessionId'); $myToken = $this->createMock(IToken::class); $myToken ->expects($this->once()) ->method('getLoginName') ->willReturn('MyLoginName'); $this->tokenProvider ->expects($this->once()) ->method('getToken') ->with('SessionId') ->willReturn($myToken); $this->tokenProvider ->expects($this->once()) ->method('getPassword') ->with($myToken, 'SessionId') ->willReturn('MyPassword'); $this->random ->method('generate') ->willReturnMap([ [72, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS, 'MyGeneratedToken'], [128, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS, 'MyAccessCode'], ]); $user = $this->createMock(IUser::class); $user ->expects($this->once()) ->method('getUID') ->willReturn('MyUid'); $this->userSession ->expects($this->once()) ->method('getUser') ->willReturn($user); $token = $this->createMock(IToken::class); $this->tokenProvider ->expects($this->once()) ->method('generateToken') ->with( 'MyGeneratedToken', 'MyUid', 'MyLoginName', 'MyPassword', 'My OAuth client', IToken::PERMANENT_TOKEN, IToken::DO_NOT_REMEMBER ) ->willReturn($token); $client = new Client(); $client->setName('My OAuth client'); $client->setRedirectUri($redirectUri); $this->clientMapper ->expects($this->once()) ->method('getByIdentifier') ->with('MyClientIdentifier') ->willReturn($client); $this->eventDispatcher->expects($this->once()) ->method('dispatchTyped'); $expected = new Http\RedirectResponse($redirectUrl); $this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken', 'MyClientIdentifier')); } public function testGeneratePasswordWithoutPassword(): void { $this->session ->expects($this->once()) ->method('get') ->with('client.flow.state.token') ->willReturn('MyStateToken'); $this->session ->expects($this->once()) ->method('remove') ->with('client.flow.state.token'); $this->session ->expects($this->once()) ->method('getId') ->willReturn('SessionId'); $myToken = $this->createMock(IToken::class); $myToken ->expects($this->once()) ->method('getLoginName') ->willReturn('MyLoginName'); $this->tokenProvider ->expects($this->once()) ->method('getToken') ->with('SessionId') ->willReturn($myToken); $this->tokenProvider ->expects($this->once()) ->method('getPassword') ->with($myToken, 'SessionId') ->willThrowException(new PasswordlessTokenException()); $this->random ->expects($this->once()) ->method('generate') ->with(72) ->willReturn('MyGeneratedToken'); $user = $this->createMock(IUser::class); $user ->expects($this->once()) ->method('getUID') ->willReturn('MyUid'); $this->userSession ->expects($this->once()) ->method('getUser') ->willReturn($user); $this->tokenProvider ->expects($this->once()) ->method('generateToken') ->with( 'MyGeneratedToken', 'MyUid', 'MyLoginName', null, 'unknown', IToken::PERMANENT_TOKEN, IToken::DO_NOT_REMEMBER ); $this->request ->expects($this->once()) ->method('getServerProtocol') ->willReturn('http'); $this->request ->expects($this->once()) ->method('getServerHost') ->willReturn('example.com'); $this->request ->expects($this->any()) ->method('getHeader') ->willReturn(''); $this->eventDispatcher->expects($this->once()) ->method('dispatchTyped'); $expected = new Http\RedirectResponse('nc://login/server:http://example.com&user:MyLoginName&password:MyGeneratedToken'); $this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken')); } public static function dataGeneratePasswordWithHttpsProxy(): array { return [ [ [ ['X-Forwarded-Proto', 'http'], ['X-Forwarded-Ssl', 'off'], ['USER_AGENT', ''], ], 'http', 'http', ], [ [ ['X-Forwarded-Proto', 'http'], ['X-Forwarded-Ssl', 'off'], ['USER_AGENT', ''], ], 'https', 'https', ], [ [ ['X-Forwarded-Proto', 'https'], ['X-Forwarded-Ssl', 'off'], ['USER_AGENT', ''], ], 'http', 'https', ], [ [ ['X-Forwarded-Proto', 'https'], ['X-Forwarded-Ssl', 'on'], ['USER_AGENT', ''], ], 'http', 'https', ], [ [ ['X-Forwarded-Proto', 'http'], ['X-Forwarded-Ssl', 'on'], ['USER_AGENT', ''], ], 'http', 'https', ], ]; } /** * @dataProvider dataGeneratePasswordWithHttpsProxy * @param array $headers * @param string $protocol * @param string $expected */ public function testGeneratePasswordWithHttpsProxy(array $headers, $protocol, $expected): void { $this->session ->expects($this->once()) ->method('get') ->with('client.flow.state.token') ->willReturn('MyStateToken'); $this->session ->expects($this->once()) ->method('remove') ->with('client.flow.state.token'); $this->session ->expects($this->once()) ->method('getId') ->willReturn('SessionId'); $myToken = $this->createMock(IToken::class); $myToken ->expects($this->once()) ->method('getLoginName') ->willReturn('MyLoginName'); $this->tokenProvider ->expects($this->once()) ->method('getToken') ->with('SessionId') ->willReturn($myToken); $this->tokenProvider ->expects($this->once()) ->method('getPassword') ->with($myToken, 'SessionId') ->willReturn('MyPassword'); $this->random ->expects($this->once()) ->method('generate') ->with(72) ->willReturn('MyGeneratedToken'); $user = $this->createMock(IUser::class); $user ->expects($this->once()) ->method('getUID') ->willReturn('MyUid'); $this->userSession ->expects($this->once()) ->method('getUser') ->willReturn($user); $this->tokenProvider ->expects($this->once()) ->method('generateToken') ->with( 'MyGeneratedToken', 'MyUid', 'MyLoginName', 'MyPassword', 'unknown', IToken::PERMANENT_TOKEN, IToken::DO_NOT_REMEMBER ); $this->request ->expects($this->once()) ->method('getServerProtocol') ->willReturn($protocol); $this->request ->expects($this->once()) ->method('getServerHost') ->willReturn('example.com'); $this->request ->expects($this->atLeastOnce()) ->method('getHeader') ->willReturnMap($headers); $this->eventDispatcher->expects($this->once()) ->method('dispatchTyped'); $expected = new Http\RedirectResponse('nc://login/server:' . $expected . '://example.com&user:MyLoginName&password:MyGeneratedToken'); $this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken')); } } Nextcloud server, a safe home for all your data: https://github.com/nextcloud/serverwww-data
aboutsummaryrefslogtreecommitdiffstats
path: root/cypress/e2e/systemtags/admin-settings.cy.ts
blob: 3c9a8b25cf4ca713a274545dd61a2a9e9c027801 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138

/**
 * @copyright 2023 Christopher Ng <chrng8@gmail.com>
 *
 * @author Christopher Ng <chrng8@gmail.com>
 *
 * @license AGPL-3.0-or-later
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 *
 */

import { User } from '@nextcloud/cypress'

const admin = new User('admin', 'admin')

const tagName = 'foo'
const updatedTagName = 'bar'

describe('Create system tags', () => {
	before(() => {
		cy.login(admin)
		cy.visit('/settings/admin')
	})

	it('Can create a tag', () => {
		cy.get('input#system-tag-name').should('exist').and('have.value', '')
		cy.get('input#system-tag-name').type(tagName)
		cy.get('input#system-tag-name').should('have.value', tagName)
		// submit the form
		cy.get('input#system-tag-name').type('{enter}')

		// see that the created tag is in the list
		cy.get('input#system-tags-input').focus()
		cy.get('input#system-tags-input').invoke('attr', 'aria-controls').then(id => {
			cy.get(`ul#${id}`).within(() => {
				cy.contains('li', tagName).should('exist')
				// ensure only one tag exists
				cy.get('li').should('have.length', 1)
			})
		})
	})
})

describe('Update system tags', { testIsolation: false }, () => {
	before(() => {
		cy.login(admin)
		cy.visit('/settings/admin')
	})

	it('select the tag', () => {
		// select the tag to edit
		cy.get('input#system-tags-input').focus()
		cy.get('input#system-tags-input').invoke('attr', 'aria-controls').then(id => {
			cy.get(`ul#${id}`).within(() => {
				cy.contains('li', tagName).should('exist').click()
			})
		})
		// see that the tag name matches the selected tag
		cy.get('input#system-tag-name').should('exist').and('have.value', tagName)
		// see that the tag level matches the selected tag
		cy.get('input#system-tag-level').click()
		cy.get('input#system-tag-level').siblings('.vs__selected').contains('Public').should('exist')
	})

	it('update the tag name and level', () => {
		cy.get('input#system-tag-name').clear()
		cy.get('input#system-tag-name').type(updatedTagName)
		cy.get('input#system-tag-name').should('have.value', updatedTagName)
		// select the new tag level
		cy.get('input#system-tag-level').focus()
		cy.get('input#system-tag-level').invoke('attr', 'aria-controls').then(id => {
			cy.get(`ul#${id}`).within(() => {
				cy.contains('li', 'Invisible').should('exist').click()
			})
		})
		// submit the form
		cy.get('input#system-tag-name').type('{enter}')
	})

	it('see the tag was successfully updated', () => {
		cy.get('input#system-tags-input').focus()
		cy.get('input#system-tags-input').invoke('attr', 'aria-controls').then(id => {
			cy.get(`ul#${id}`).within(() => {
				cy.contains('li', `${updatedTagName} (invisible)`).should('exist')
				// ensure only one tag exists
				cy.get('li').should('have.length', 1)
			})
		})
	})
})

describe('Delete system tags', { testIsolation: false }, () => {
	before(() => {
		cy.login(admin)
		cy.visit('/settings/admin')
	})

	it('select the tag', () => {
		// select the tag to edit
		cy.get('input#system-tags-input').focus()
		cy.get('input#system-tags-input').invoke('attr', 'aria-controls').then(id => {
			cy.get(`ul#${id}`).within(() => {
				cy.contains('li', `${updatedTagName} (invisible)`).should('exist').click()
			})
		})
		// see that the tag name matches the selected tag
		cy.get('input#system-tag-name').should('exist').and('have.value', updatedTagName)
		// see that the tag level matches the selected tag
		cy.get('input#system-tag-level').focus()
		cy.get('input#system-tag-level').siblings('.vs__selected').contains('Invisible').should('exist')
	})

	it('can delete the tag', () => {
		cy.get('.system-tag-form__row').within(() => {
			cy.contains('button', 'Delete').should('be.enabled').click()
		})
	})

	it('see that the deleted tag is not present', () => {
		cy.get('input#system-tags-input').focus()
		cy.get('input#system-tags-input').invoke('attr', 'aria-controls').then(id => {
			cy.get(`ul#${id}`).within(() => {
				cy.contains('li', updatedTagName).should('not.exist')
			})
		})
	})
})